WHITEPAPER

SECURITY + INFRASTRUCTURE

Central Desktop / Updated April 22, 2015

2 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Table of contents

Introduction 3

Security overview 4

Perimeter + physical security 4

Key security features + advantages 5

Surveillance 5

Authorized access only 5

Remote access 6

SSAE 16 Type II 6

Building,firesuppression+powerbackup 7

Applicationsecurity 8

Userauthentication/loginsecurity 8

Advancedpasswordsecurityoptions 9

Permissions and rights management 10

Company permissions management 10

Workspace permissions management 10

TLSencryptionandtrustedemaildomainsupport 11

Trusted IP addresses 12

Customtermsofserviceandprivacypolicy 13

Globalperformance 14

Network security 15

Third-partynetworkauditing 15

CentralDesktop’smulti-layernetworksecurityprotection 16

Securitylayers 17

Siteoperations 17

Securitypatchesandupgrades 17

Dataintegrity 18

Protecteddatastorage 18

Virusscanning 18

SSLdataencryption 19

Databackupsandrestoration 20

Complete system redundancy 21

Comprehensive disaster recovery plan 22

Uptime/highavailability 23

Summary: Your data is secure and protected 24

AboutCentralDesktop 25

3 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

IntroductionTheaccessibility,securityandintegrityofyourdataareintegraltothesuccessofyourcompanyandthereputationofourbusiness.BecauseCentralDesktopisdeliveredasacloud-basedSoftware-as-a-Service(SaaS)solution,reliabilityanduptimeofourservicesareofutmostimportanttoyourbusinessandoursuccess.

YourdataissecurewithCentralDesktop.TheCentralDesktopplatformrunsonaproveninfrastructuredesignedtoprovidemaximumsecurity,performanceandreliability.

CentralDesktoppartnerswithleadingdatacentersAlchemyCommunicationsandCorexchangetoprovideitscustomersandpartnerswithstate-of-the-artperimeter,network,server,applicationanddatasecuritytoensureprivacyandavailability.Thedatacenterinfrastructureincludesraisedfloors,state-of-the-artfiresuppression,abundantandredundanthigh-speedinternetconnectivity,redundantpowerandaself-containedcoolingsystem.Wemaintaintwogeographicallyseparatedfacilitiestoensurecustomerdatasecurityandintegrityintheeventofanydisaster.

Businessthesedaysisglobal,whichiswhyCentralDesktophaspartneredwithAkamai,theleaderincontentdeliverynetworksandglobalapplicationacceleration.CentralDesktopleveragestheAkamaiinfrastructurefootprinttoboostapplicationresponsivenessandfiletransferperformance,ensuringyouandyourcollaboratorsgetagreatexperience,nomatterwhereontheglobeyouareusingthecollaborationplatform.

CentralDesktopprovidesourcollaborationplatformtomorethan550,000usersworldwide.Ourtypicalcustomerisafast-paced,medium-sizedbusinessorganizationorateamordepartmentwithinalargeFortune500orGlobal2000company.Alltheseorganizations,regardlessofsize,trustandrelyonCentralDesktoponadailybasis.

4 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Security overviewCentral Desktop’s security and infrastructure were designed to provide maximumperformanceandreliabilitywithstate-of-the-artphysicalanddatasecurityandredundancy.CentralDesktop’ssecuritypolicywasarchitectedwithmultiplelayersofsecurity,safeguards,andredundancytowardoffexternalsecuritythreats.

Perimeter + physical security Central Desktop is dedicated to developing and maintaining a state-of-the-artphysicalsitesecuritywhereithostsitsdataandservers.CentralDesktop hosts its primary servers and data at the Alchemy Data Center inIrvine,California.TheAlchemyDataCenterisdesignedtowithstandpoweroutages,fire,intrusionandtampering,andnaturaldisasterscenariosincludingan8.3magnitudeearthquake.CentralDesktophostsitsbackupserversanddatainageographicallyseparatelocationmorethan800milesawayinDallas,TexasattheCorexchangeDataCenter.

5 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Key security features + advantages

Surveillance

Physicalaccesstothedatacenteriscontrolledandmonitored24/7by:

•Uniformedbuildingsecurityservices

•Videocameraandelectronicsurveillancewithintrusiondetection

•Onsite24/7technicalpersonnel

Authorized access only

Central Desktop only allows authorized personnel to access the physical siteserversanddata(includinganyremote,virtualortele-accesstothedatacenter).

Authorizedpersonnelmustpasscriminalandhistoricalbackgroundchecksandmustsignstrictnon-disclosureagreements(confidentialityagreements)withregardstoprotectingandaccessingcustomerdata.Breachestotheagreementscarryseverelegalpenaltiesandramifications.Authorizedpersonnelarerequiredtopassthroughelectronicandvisualidentityvalidationsystemstoenterthedatacenter.Accesstothedatacenterismaintainedbytime-stampedlogsforhistoricalretrieval.

AllofCentralDesktop’sequipment(servers,routers,switches,storagedevices)isstoredinsecurelylockedcabinetsandcages.

6 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Remote access

Remote Access to the Central Desktop servers are strictly controlled andlimitedtoauthorizedpersonnelonly.Anyauthorizedremote accessissolelyexecutedviaencryptedcommunications.

SSAE 16 Type II

CentralDesktopandallofitsdatacentersareSSAE16TypeIIcompliant.Askyoursalesrepresentativeforacopyofourlatestreports.

SSAE16isanenhancementtothepreviousstandardforReportingonControlsataServiceOrganization,theSAS70.SSAE16isawidelyrecognizedauditingstandarddevelopedbytheAmericanInstituteofCertifiedPublicAccountants(AICPA).Aserviceauditor’sexaminationperformedinaccordancewithSSAE16(“SSAE16Audit”)representsthataserviceorganizationhasbeenthroughanin-depthauditoftheircontrolobjectivesandcontrolactivities.Thisauditoftenincludescontrolsoverinformationtechnologyandrelatedprocesses.CentralDesktop’sSSAE16 Type II audits ensure that appropriate processes and controls have beenestablishedandthata3rdpartyhasreviewedthesecontrolsoveraperiodoftimeandfoundthemtobeworkingeffectively.YourcompanycanusetheCentralDesktopservicewithcompleteconfidence

7 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Building, fire suppression + power backup

Alchemy’s newest data center is a state-of-the-art 42,500 sq.ft.facilitylocatedlessthantwomilesfromJohnWayneAirport.Thiscarrier-neutralfacilityhasdiverseentrypoints,withbothVerizonandAT&TPointofPresence.Constructedin1989,thebuildingfeatures18-inchraisedfloorsandisequippedwitheveryessentialtohouseandprotectyourdata.ThetelecommunicationabilitiesareendlesswithdarkfibertoOneWilshireinadditiontomultiplefibercarrierssuchasTWTelecom,Level3,VerizonBusiness,andAT&T.Never fear a power outage again: the Irvine Data Center has N+1 redundancy on all systems, and four 600KW Caterpillar Generatorswithenoughfuelcapacitytorunfor16hours.

Plus, the data center accesses two Southern California Edison PowerGridsformaximumpowerredundancy.Alchemygoesto great lengths to ensure the safety of your data, from a superiorcoolingsystemofsixteenindependentDX-basedairhandlers,tohigh-gradefiresuppressionsystemsofdoubleinterlockingpre-actiondrypipesforbothHalonandFM-200.Withbiometricsecurityandcardreaderscontrollingbuildingaccess,aswellasvideosurveillanceandaDedicatedNetworkOperationsStaffpatrollingallbuildingentrances,itisclearAlchemytakesgreatcareinnotonlydata-retention,butalsodata-protection. This battery backed-up UPS system ensures that none of the critical equipment has an

interruption of power while waiting for the generators to kick in.

8 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Application securityUser authentication / login securityPhysicalaccesstothedatacenteriscontrolledandmonitored24/7by:

•Uniformedbuildingsecurityservices

•Workspacemembers(users)areinvitedbyadministratorsandworkspaceowners,thusensuringsecureaccessisrestrictedtospecifiedusers.

•AllCentralDesktopuserscreateauniqueusernameandpasswordwhentheycreateaprofile.

•Userauthenticationiscontrolledviauniqueandvalidusernameandpasswordcombinationthatisencryptedusingaone-wayhash.Whenuserssubmitusernameandpasswordviathisone-wayhashtoCentralDesktop,auniquedigitalsignature(orfingerprint)iscreated,whichinturnidentifiesandauthenticatesthesenderandthecontentsofthemessage.

•Aftertheone-wayhashsecurelogin,thesecuritymodelisreappliedwitheveryrequestandenforcedfortheentiredurationofthesession.Thesecuritymeasuresaretransparenttotheuseranddonotcauseanyperformancedrag,latency,orslowdown.

•Eachadditionalrequestisre-verifiedandiftheuser’ssessioncannotbeauthenticatedortheuser’sstatusonthesitehaschanged(i.e.,theuserisdeletedfromtheworkspaceorcompanybytheadministrator),theuserwillnotbeallowedtoaccessthespecifiedworkspaceordata.

•CentralDesktopdoesnotuse“cookies”tostoreotherconfidentialinformationandhasimplementedadvancedsecuritymethodsbasedondynamicdataandencodedsessionIDs.

•CentralDesktopuses“expiringheaders”whichenablesuserswiththeabilitytoensuremaximumsecurityaftertheylogoutofthesystem–eliminatingtheabilityforotheruserstoaccesscachedpagesinthebrowser.

9 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Advanced password security options Available with Central Desktop for Enterprise, Agencies and Marketers

CentralDesktopprovidesanadditionallayerofpasswordsecuritybyallowingtheadministratortoadjustarangeofpasswordoptionssuchas:

• Minimum password length Theadministratorcandeterminewhattheminimumpasswordlengthmustbeforalluserswithinthecompany.Toensureaminimumlevelofpasswordsecurity,CentralDesktopnativelyrequiresaminimumof6characters,butcansupportuptoa50-characterminimumpasswordlength.

• Password save option Theadministratorcandeterminewhetherornottoenablethe“RememberMe”functionatthepointofloginforalluserswithinthecompany.ThisoptionshouldbedisabledifadministratorsareconcernedaboutusersaccessingCentralDesktopfrompublicterminalsandlocationsandwanttoensurethatlogincredentialsarenotsaved.(Note:Whetherornotthisfeatureisenabled,userscanstillsaveusernameandpasswordlocallyviathewebbrowser.)

• Password complexity Administratorscanrequireuserstouse“complex”passwordcredentials.Enablingthisfeaturewillrequirealluserstoincludethefollowingdetailsinpasswords:

- At least one lowercase character - At least one UPPERCASE character -Atleastonedigit(numeral) -Atleastonespecialcharacter–oneofthefollowingcharacters:@#$%^&+=-!

• Password change frequency Administratorscandeterminehowoftenuserpasswordsexpire,forcinguserstocreateanewpasswordevery30,60,90,180,or365days.

10 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Permissions and rights managementCentralDesktopprovidescustomizablepermissionsand rights management to accommodate a variety of customerneeds.Userpermissionsaremanagedatboththe company level and at the workspace level, allowing accesstospecifiedworkspacesonlyandallowingtheadministrator to further restrict user permissions at the workspacelevel.

Company permissions managementUserpermissionsandaccesscanbemanagedatthecompanygrouplevel,allowingeasyadministration ofuserrightsandaccesstoworkspaces.

Workspace permissions managementGranular permissions are managed at the workspace level forusers(members)andgroups.PermissionssuchasRead,Edit, Add, Delete and Admin rights are granted on a user-by-userorgroup-by-groupbasisattheworkspacelevel.

11 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

TLS encryption and trusted email domain supportAvailable with Central Desktop for Enterprise, Agencies and Marketers

JustasSSLprotectsyourdataintransitto/fromyourwebbrowser,CentralDesktopusesTransportLayerSecurity(TLS),aprotocolthatencryptsanddeliversemailsecurely.TheTLSencryptionandtrustedemaildomainfeatureallowsyoutocontrolaccessandsendencryptedemailstotrustedusers.

Email domains that are listed as trusted domains will receive a TLS-encrypted email with all ofthecontentsofthediscussion,comment,ordocumentsavailablefortheusertoread.

NOTE:AdditionalTLSsoftwareconfigurationandsetupisrequiredbythecompanytosupportTLSencryption.

12 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Trusted IP addressesAvailable with Central Desktop for Enterprise, Agencies and Marketers

The trusted IP address feature allows administrators to restrict access to Central DesktopbyIPaddressorIPrange.OnlylistedIPaddresseswillbeallowedaccesstoCentralDesktop.ThisisidealfororganizationsthatneedtorestrictaccesstoCentralDesktopviaaVPNorofficelocationIPaddress.Thisfeaturecanbeconfiguredatthecompanylevelandoverriddenattheuserlevel.

13 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Custom terms of service and privacy policyAvailable with Central Desktop for Enterprise, Agencies and Marketers

ThecustomtermsofserviceandprivacypolicyfeatureallowsadministratorstoforceinternalmembersandexternalmemberstoagreetocustomtermsofserviceandprivacypolicywhentheyregisterwithCentralDesktop.Thisfeatureenablescompaniestocomplywithcertainconfidentialityortermsofuserequiredundercertaincorporatepoliciesorstatutoryrequirements.

14 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Global performanceToassureconstantandcontinuousconnectivitytothecoreInternetbackbones,CentralDesktop’snetworkinfrastructureleveragesmulti-homedbandwidthcarriers.Thisensuresglobalaccessanduptimeintheeventofnetworkdiscontinuitywithasinglecarrier.

The redundant layers that comprise and support the networkinfrastructureensurecontinuousconnectivity.Intheeventofabandwidthlayerfailure,theremainingsupportinglayerswilldetectthefailureandtransfercontrolinamatterofseconds.Thisisoftendescribedasa“self-healing”or“automated”network.Thisarchitecture ensures that any single point of failure preventsnetworkdisruption.

Thebestwaytoimprovewebapplicationperformanceistogetthedataclosertotheenduser.CentralDesktopleveragestheAkamaiglobalcontentdeliverynetworktospeedupbothapplicationdeliveryinadditiontofileupload/downloadperformance.

CentralDesktophasintegratedAsperaWANaccelerationfortheultimateinfiletransferperformance.Thisfeatureisespeciallyusefulforlargefiletransfersandbulkuploads/downloads.

Akamai and Aspera ensure a great Central Desktop experience no matter where you are in the world.

15 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Network securityCentralDesktophasarchitectedamulti-layeredapproachtosecureanddefendyourdatafromexternalattack.Weleveragestate-of-the-arthardwareandsoftwaresecuritymethodstopreventunauthorizedintrusionbyexternalusersattemptingtoaccessyourdata.Ourinfrastructureproactivelydetersandmonitorsforexternalattacksandunauthorizedintrusions.

Central Desktop employs experienced engineers, system administrators, and ITprofessionalswhopassthroughrigoroustesting,confidentialityagreements,andbackgroundcheckstosecureyourdata.TheCentralDesktopteamisproactivelymonitoringanddeployingnewsecuritymeasuresviasoftwareandhardwareonaregularbasisasappropriate.

Third-party network auditing

Inadditiontoourownsecuritymeasures,ournetworksecurityisauditeddailybyindustry-leadingthird-partysecurityvendorMcAfee.McAfeeperformsnetwork security checks to verify the integrity of the Central Desktop network asseenfromoutsidethenetwork.TheirtestslookforvulnerabilitiesandreportanyissuesimmediatelytotheCentralDesktopteam.

16 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Central Desktop’s multi-layer network security protectionCentralDesktopdeploysa“multi-layerednetworksecurityprotectionsystem”tosecureanddefendyourdatafromintrusionandattack.Betweenourservers,whichhousecustomerdataandtheInternet,therearemanylayersofnetworksecurityprotection:

1. Router Thefirstlineofdefensetoprotectyourdataistherouterthatresidesinfrontofthefirewall.Therouterisspecificallyconfiguredtoblockthemostprevalentwormattacksonthewebbyscanningandanalyzingheaderandpacketinformation.Viathescanningprocess,eachpacketisinspectedandeithergrantedauthorizedaccessordeniedbeforeeverreachingthefirewall.Therouteristheinitiallineofdefensetoeliminateunauthorizedandunnecessarytrafficandblocksitfromgainingaccesstothefirewall.

2. Firewall Allinformationanddatarequeststhatpassthroughtheroutermustnextpassthroughthefirewall.Thefirewallplacesstrictlimitsonportsandprotocolsandprovidesthesecondlayerofprotectionforyourdata.NAT(NetworkAddressTranslation),alsoknownasnetworkorIPmasqueradingtechnology,isusedintheCentralDesktopdatacenterfirewalltoprovideanextralayerofsecurity.

3. Intrusion Detection System (IDS) Passingthefirewall,dataflowsarenextscrutinizedbytheIntrusionDetectionSystem(IDS).TheIDSmonitorsnetworktrafficformaliciousactivitiesorpolicyviolationsandreportsanomaliestotheCentralDesktopweboperationsteam.

4.Web server load balancing Webserverloadbalancing,whilenotstrictlyasecuritylayer,alsoprovidesadditionalportscreeningandprotocolprotection.WebserverloadbalancingcanidentifycommonDoSattacksandscreenthembeforereachingtheserver.ItensuresthattheURLrequestsbeingmadearewellformed,thusrejectingattemptedexploits.

5.Web/applicationservers Theweb/applicationserverlayerrunsonFreeBSDwithApacheasthewebserversandCentralDesktopastheapplicationserver.

• Apacheisconfiguredtominimalconfigurationspecificationsrequiredtorunourapplicationlayer. • ApplicationserversareconfiguredtoprocessHTTPrequestsonly. • Othernon-coreInternetprotocolsandservicesaredisabled. • Serversarelockeddownandsecuredattheoperatingsystemandsystemdirectorylevels. • Allnon-essentialportsandserviceshavebeenblocked,locked,anddisabled.

17 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Security layersSecurityisbuiltinfromdayonewithyourCentralDesktopsolution. TheCentralDesktopsystem,withmultiplelayersofhardware,software,andnetworkinfrastructure,isdesignedandoptimizedtoprotectyour datafromintrusion.

Site operations • Regularoperationsandsystemadministratormeetingsare

held to discuss and review near-term and long-term industry-compliantsolutions.

• CentralDesktopproactivelymonitorsindustrysecuritywarnings, channels, and alerts to uncover new and emerging securityrisks.CentralDesktopengineersactimmediatelyuponthediscoveryofanysecurityrisksoralerts.

• CentralDesktopproactivelyscansvendor-specificsecuritychannels,including:CiscoSystems,MicrosoftCorporation,FreeBSD,Linux,pluscommunity-basedforumsandchannels.CentralDesktopalsosubscribestoallcommonemailvirusandbugnotificationandalertslists.

Security patches and upgrades • TheCentralDesktopteamroutinelymonitors,evaluates,tests,

andappliessecuritypatches,fixes,updates,andupgrades. • Anyothermission-criticalsecuritypatches,updates,and

upgradesfromvendorandcommunitychannelsarenotifiedandsenttoCentralDesktopandareroutinelyevaluated,tested,andapplied,ifapplicable,within24-72hoursofbeingnotified.

18 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Data integrityMillionsofdatafilesresidewithinourcustomers’CentralDesktopworkspaces,andthousandsoffilesareaddedeveryweek.CentralDesktopenlistsavarietyofmethodstoassuredataintegrity,includingdataprotectionbasedonnetworkarchitecture,asdescribedpreviously,plussoftware-enabledSSLdataencryption.

Protected data storage

Yourdata’sintegrityisprotectedbynumerouslayersofstate-of-the-arthardwareandsoftwaresecurity features to prevent hackers or other unauthorized individuals from gaining access to it.Withourmultiple-layernetworksecuritysystem,yourdataissafelysequesteredwelloutofharm’sway.Thefollowingdetailsourapproachto“defense-in-depth”security.

• Securitymodelisreappliedwitheveryrequestandenforcedfortheentire durationofthesession.

• Applicationsecuritymodelpreventscustomerdatacross-overandensures completecustomerdatasegregationandprivacy.

• Customerdataissegmentedfromtheapplicationlayerprovidingadditional securitybuffers.

• Customer data is encrypted at rest using industry-standard AES algorithms (military-gradetools,NSA-classifiedencryption,NISTFIPS197encryption)

Virus scanning

• CentralDesktopserversrunthelatestversionofvirusdetectionsoftware. OurcomputersareadditionallyprotectedbyTrendMicroAntivirus.

• Virusscanningsoftwareisupdateddaily.

• Files uploaded to Central Desktop are virus scanned to ensure safe informationcollaboration.

19 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

SSL data encryption

AllCentralDesktopcustomerscanleverage256-bitAESHighGradeEncryptionandSecureSocketLayer(SSL)thatprotectsyourdatausingbothserverauthenticationanddataencryption.

• SSLencryptiontechnologyprotectsyourdatafrombeingreadduring transmissionfromyourcomputertoCentralDesktopservers.

• SSLencryptionsoftwareensuresthatwhentherecipientofthetransmitted datareceivestheinformation,thecomputerdecryptstheinformation, authenticatesthesource,andverifiesthedataintegrity.

• SSLencryptiontechnologyleveragesdigitalcertificatestoverifytheidentity ofthedataflowovertheinternetandallowsforencryptionanddecryption byauthorized(authenticatedsources).

CentralDesktopusesComodo/USERTrustforitsSSLDigitalCertificates.

• Comodo/USERTrustisthesecond-largestcertificationauthorityfor ensuringidentitytrustandassuranceontheweb.

• Comodo/USERTrust’scomprehensivearrayoftechnologiesenablesorganizations ofallsizestosecuree-businesstransactionscost-effectively.

• Morethan200,000customersinmorethan100countries,securing500,000+ businessesandindividuals,relyonComodo/USERTrustproductsandservices.

• Comodo/USERTrustoperatesoneoftheworld’slargest,fastestgrowing certificationauthorityinfrastructureswiththehigheststandardsas evidencedbyKPMGannualaudits.

20 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Data backups and restoration

AllCentralDesktophasimplementedrigorousbackupprocedurestoensurethatyourdataissafelyandaccuratelybackedup.

• CentralDesktopmaintainsamirroredandredundantcopyoftheentireStorageAreaNetwork(SAN).Thisactsasa“warmbackup”ensuringquickaccessandretrievalofdatainanemergency.

• CentralDesktopmaintainsafullbackupsnapshotofdatastoredontheSAN.CentralDesktopexecutesadailybackupandstoresdataforupto90days.

• BackupproceduresincludeentireSAN,databases,andallconfigurationsandcodefilesforallservers.

• Allbackupsareencryptedintransitandatrestusingthesamelevelofencryptionandprotectionsaslivedata.

• Allbackupsarerotatedintooffsiterotationdaily.

• CentralDesktopisabletorestoreandretrievedatastoredforuptothreemonths.(Applicablefeeswillapply.)Toinitiatearestorerequest,pleasecontact Central Desktop Support at support@centraldesktop.com.

• Atanytime,workspaceadministratorscanaccessanddownloadtheentirecontents oftheworkspacetogiveyouadditionalpeaceofmindsothatyoucanstorea back-upofyourdata.

21 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Complete system redundancySystemredundancyisthekeytoensuringconsistentandreliableuptimeandtoeliminatingsinglepointsoffailure.CentralDesktop’sinfrastructurefollowsanN+1 model to provide full redundancy of all key system components and services includinghardware,internetconnectivity,andpowersystems.

• Redundancyisavailableonallkeynetworkingequipmentincludingrouters,switches,firewallsandload-balancingservers.

• Multipleload-balancedwebserversandapplicationserversareconfiguredtoensureredundancy.Ifawebserverfails,therearemultiplewebserversavailabletocarrythewebsitetrafficandloadswithoutinterruption.

• DatabaseandfileserversusehardwareRAID(redundantarrayofindependentdisks)technologytoensureavailabilityduringstandardmaintenance.Thisalsoensuresdataintegrityandredundancyintheeventofanysingleharddrivefailure–withoutinterruptionordatalosstotheuser/customer.

• Routersandwebserversareoptimizedandconfiguredtoaccommodatemaintenance,softwareupgrades,serverrotation,andconfigurationwithoutadisruptionofservice.

22 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Comprehensive disaster recovery plan CentralDesktophasplannedforcomprehensivedisasterrecoveryandcontingenciestoprotectyourdataandtoprovidecriticalaccessandbusinesscontinuitytoourapplications.Businesscontinuityensuresthatyouareabletoconductyourbusinessintheeventofnaturaldisasterorthesuspensionofservicesasaresultofpowerorinternetconnectivity.

Comprehensivedisasterrecoveryensurestheabilitytore-establishaworkingdatacenteratoursecondarysiteifadisasterdestroysorrendersinoperabletheprimarydatacentersite.Intheunlikelyevent of a catastrophic disaster and failure at Central Desktop’s primary data center site, Central Desktop hasacomprehensiveDisasterRecoveryPlaninplace.

AcompletetestofthisDisasterRecoveryPlanisconductedannually.

ContingenciesandplansareinplacetoensurethatCentralDesktopanditscustomersareupandrunningwithcompleteCentralDesktopfunctionalityandrestoreddatawithin12hoursofthedisaster.

Thedisasterrecoveryplanincludesguidelines,procedures,andclearrolesofresponsibilityandcommunicationamongstthepartners.Theplanensurestimelyactionandquickresponseinsuchanunlikelyevent.

• Within2hoursofnotificationofthedisasterattheprimarydatacenterlocation, adisasterteamisactivatedandpreparedtobegintherecovery.

• Oursecondaryfacility(locatedinDallas,Texas)ispreparedandbroughtonline.

• Keyserverconfigurationandcustomerdataisupdatedandrestoredfromthe mostrecentbackup.

• CentralDesktopcustomersregainaccesswithin12hoursofthedisaster.

• Thesecondaryhostingfacilityiscapableofperformingallhostingfunctions intheeventofsuchanemergencyordisaster.Thesecondaryhostingfacility iscomparabletoourprimaryfacility.

23 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Uptime / high availabilityCentralDesktopprovidesindustry-leadinguptimeandservicewithhighavailabilityanduptime.

• Real-timeupdatingofsystemscanbefoundathttp://status.centraldesktop.com

• ThemeasureduptimeforCentralDesktoptypicallyexceeds99.9%.(Thisisexclusive of scheduled maintenance, which includes hardware and network maintenanceaswellassoftwareupdates.)

• Hardwaremaintenanceistypicallyperformedinwindowsbetween12:00amand3:00amEasternTimeonweekendstoavoidinconveniencingcustomers.

• Softwareupdateprocedurestypicallyrequirethesitetobedownforlessthan60secondsatatime.CentralDesktopschedulessoftwaremaintenanceforweekendmornings(NorthAmericatime)toensureminimalcustomerdisruption.

• CentralDesktopusesreal-timeonsiteandoffsitealertssystemsandsitemonitoringtoensuretheavailabilityandperformanceofdistributedITinfrastructures—e.g.,servers,operatingsystems,networkdevices,networkservices,applications,andapplicationcomponents.ProactivemonitoringenablesCentralDesktopengineerstoattackproblemsimmediatelybeforetheybecomecriticaloremergencies.

24 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

Summary: Your data is secure and protectedCentralDesktopprovidesindustryleadingsecurityandprotectionofyourdata.Whetheryouareworkingfromyouroffice,yourhome,orontheroad,youcandependonCentralDesktoptobeavailabletoyouatyourcriticalmoments.

Theabilitytoaccessyourdataanytimefromanywhereensuresthatyouremainproductive,protected,andconnectedtotheinformationthatyouneedtorunyourbusiness.

Formoreinformationorquestions,pleasecontactinfo@centraldesktop.com.

25 / 25WHITEPAPER: SECURITY + INFRASTRUCTURE / ©2015 Central Desktop

866 900 7646centraldesktop.com

Contact us We don’t bite

About Central Desktop Central Desktop helps people work together in ways never beforepossible. TheCentralDesktopcollaborationplatformconnectspeopleandinformationinthecloud,makingitpossibletosharefiles,combineknowledge,inspireideas,manageprojectsandmore.

CentralDesktopserveshalfamillionusersworldwide.KeyCentralDesktopcustomersincludeCareerBuilder,MLB.com,SesameStreet,PGATour,TheHumaneSociety,CBS,Workday,WD-40,PokemonandPinkberry.

Founded in 2005, Central Desktop is a PGi company located inPasadena,California.

Click here to learn more about Central Desktop

(C’mon just click it !)